kibana/packages/core/status
Jean-Louis Leysens 32b5903f92
[HTTP] First pass of making Kibana work with internal restrictions enforced (#162258)
## Summary

When turning on `server.restrictInternalApis` a number of issues
surfaced due to defaulting to internal resulting in `400`s for:

* HTTP resources
* Static assets via `registerStaticDir`
* Use of `res.render(Html|Js|Css)` outside of HTTP resources

This PR:

* Defaults our HTTP resources service to register routes as `public` by
default; same for static dirs.
* Did an audit of all renderX usages; if outside of HTTP resources, I
added an explicit `access: public`
* ...what else?

### Set `access: 'public'` for known set of "system" routes

Method | Path | Comment
-- | -- | --
GET | /api/status
GET | /api/stats
GET | /translations/{locale}.json
GET | /api/fleet/agent_policies
GET | /api/task_manager/_background_task_utilization
GET | /internal/task_manager/_background_task_utilization
GET | /internal/detection_engine/health/_cluster
POST | /internal/detection_engine/health/_cluster
GET | /internal/detection_engine/health/_space
POST | /internal/detection_engine/health/_space
POST | /internal/detection_engine/health/_rule
POST | /internal/detection_engine/health/_setup
GET | /bootstrap.js
GET | /bootstrap-anonymous.js
GET | \*\*/bundles/\* | Core's routes for serving JS & CSS bundles

## How to test

Run this PR with `kibana.dev.yml` containing
`server.restrictInternalApis: true` and navigate around Kibana UI
checking that there are no `400`s in the network resources tab due to
access restrictions.

## Notes

* Either left a comment about why `access` was set public or a simple
unit test to check that we are setting access for a given route

## To do

- [x] Manually test Kibana
- [x] Manually test with `interactiveSetup` plugin
- [ ] Add integration and e2e test (will do in a follow-up PR)

Related: https://github.com/elastic/kibana/pull/162149

---------

Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com>
2023-07-26 14:48:06 +02:00
core-status-common Transpile packages on demand, validate all TS projects (#146212) 2022-12-22 19:00:29 -06:00
core-status-common-internal Add build_date to kbn:api/status (#157905) 2023-05-25 10:21:47 -07:00
core-status-server Transpile packages on demand, validate all TS projects (#146212) 2022-12-22 19:00:29 -06:00
core-status-server-internal [HTTP] First pass of making Kibana work with internal restrictions enforced (#162258) 2023-07-26 14:48:06 +02:00
core-status-server-mocks /api/status - always return a consistent status code (#159768) 2023-06-20 02:06:40 -07:00